colymba / silverstripe-restfulapi

SilverStripe RESTful API with a default JSON serializer.
BSD 3-Clause "New" or "Revised" License

Lost password existing account disclosure #88

Closed UndefinedOffset closed 6 years ago

UndefinedOffset commented 6 years ago

Should the api/auth/lostPassword?email=*** endpoint return anything other than a generic response, i.e. {"email":true}, rather than what it currently does, which is two different responses: one if the account exists and one if it does not? It would probably be better for security if it returned a generic response, much like /Security/lostpassword does.

UndefinedOffset commented 6 years ago

I have a proposed fix in the Webbuilders Group fork if you agree I'll submit a pull request accordingly for you to merge.

colymba commented 6 years ago

Thanks @UndefinedOffset, sounds good to me! One suggestion, should we change "email" in the response to done or something else generic?

UndefinedOffset commented 6 years ago

Ya I like that idea, I've switched it to done and will open a pull shortly
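The pattern discussed in this thread, as an added example that is not code from the silverstripe-restfulapi module or from either participant: a lost-password handler whose response reveals whether an account exists, beside one that always returns the same generic `{"done":true}` body. The lookup (`findMember`), mail stand-in (`sendResetMail`) and the `$knownAccounts` sample data are constructed for illustration only.

```php
<?php
// Added example, not the module's own code. Contrasts a lost-password handler
// that answers differently depending on whether the e-mail matches an account
// with one that returns the same generic body either way. findMember,
// sendResetMail and $knownAccounts are constructed stand-ins for this example.

declare(strict_types=1);

/** Constructed stand-in for a member lookup; a real app would query its DB. */
function findMember(string $email, array $knownAccounts): ?string
{
    $email = strtolower(trim($email));
    return in_array($email, $knownAccounts, true) ? $email : null;
}

/** Stand-in for dispatching the reset e-mail; recorded in $outbox instead of sent. */
function sendResetMail(string $email, array &$outbox): void
{
    $outbox[] = $email;
}

/**
 * Leaky version: status and body differ for known vs. unknown e-mails, so the
 * endpoint confirms which addresses have accounts (account enumeration).
 */
function lostPasswordLeaky(string $email, array $knownAccounts, array &$outbox): array
{
    if (findMember($email, $knownAccounts) === null) {
        return ['status' => 404, 'body' => json_encode(['error' => 'Account not found'])];
    }
    sendResetMail($email, $outbox);
    return ['status' => 200, 'body' => json_encode(['email' => true])];
}

/**
 * Fixed version: identical status and body regardless of outcome, mirroring the
 * generic "done" response agreed on in this thread. Only the side effect
 * (whether a mail is sent) differs, and the requester cannot observe that.
 */
function lostPasswordGeneric(string $email, array $knownAccounts, array &$outbox): array
{
    if (findMember($email, $knownAccounts) !== null) {
        sendResetMail($email, $outbox);
    }
    return ['status' => 200, 'body' => json_encode(['done' => true])];
}

// Demonstration with constructed sample data.
$knownAccounts = ['alice@example.com'];
$outbox = [];

$leakyKnown   = lostPasswordLeaky('alice@example.com', $knownAccounts, $outbox);
$leakyUnknown = lostPasswordLeaky('nobody@example.com', $knownAccounts, $outbox);
echo 'leaky responses differ: ' . var_export($leakyKnown !== $leakyUnknown, true) . PHP_EOL;

$fixedKnown   = lostPasswordGeneric('alice@example.com', $knownAccounts, $outbox);
$fixedUnknown = lostPasswordGeneric('nobody@example.com', $knownAccounts, $outbox);
echo 'generic responses identical: ' . var_export($fixedKnown === $fixedUnknown, true) . PHP_EOL;
echo 'reset mails recorded: ' . count($outbox) . PHP_EOL;
```

The body and status are now indistinguishable, which is the point raised in this issue. One further caveat for a real implementation: sending mail synchronously takes measurably longer than skipping it, so response time can still hint at whether an account exists; queueing the mail for later delivery keeps the two code paths close in duration.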

colymba commented 6 years ago

thanks @UndefinedOffset!